merged trunk

4 files changed, 21 insertions, 8 deletions

diff --git a/nova/auth/dbdriver.py b/nova/auth/dbdriver.py
index d8dad8edd..d1e3f2ed5 100644
--- a/nova/auth/dbdriver.py
+++ b/nova/auth/dbdriver.py
@@ -162,6 +162,8 @@ class DbDriver(object):
             values['description'] = description
 
         db.project_update(context.get_admin_context(), project_id, values)
+        if not self.is_in_project(manager_uid, project_id):
+            self.add_to_project(manager_uid, project_id)
 
     def add_to_project(self, uid, project_id):
         """Add user to project"""
diff --git a/nova/auth/fakeldap.py b/nova/auth/fakeldap.py
index 4466051f0..79afb9109 100644
--- a/nova/auth/fakeldap.py
+++ b/nova/auth/fakeldap.py
@@ -90,12 +90,12 @@ MOD_DELETE = 1
 MOD_REPLACE = 2
 
 
-class NO_SUCH_OBJECT(Exception):  # pylint: disable-msg=C0103
+class NO_SUCH_OBJECT(Exception):  # pylint: disable=C0103
     """Duplicate exception class from real LDAP module."""
     pass
 
 
-class OBJECT_CLASS_VIOLATION(Exception):  # pylint: disable-msg=C0103
+class OBJECT_CLASS_VIOLATION(Exception):  # pylint: disable=C0103
     """Duplicate exception class from real LDAP module."""
     pass
 
@@ -268,7 +268,7 @@ class FakeLDAP(object):
             # get the attributes from the store
             attrs = store.hgetall(key)
             # turn the values from the store into lists
-            # pylint: disable-msg=E1103
+            # pylint: disable=E1103
             attrs = dict([(k, _from_json(v))
                           for k, v in attrs.iteritems()])
             # filter the objects by query
@@ -277,12 +277,12 @@ class FakeLDAP(object):
                 attrs = dict([(k, v) for k, v in attrs.iteritems()
                               if not fields or k in fields])
                 objects.append((key[len(self.__prefix):], attrs))
-            # pylint: enable-msg=E1103
+            # pylint: enable=E1103
         if objects == []:
             raise NO_SUCH_OBJECT()
         return objects
 
     @property
-    def __prefix(self):  # pylint: disable-msg=R0201
+    def __prefix(self):  # pylint: disable=R0201
         """Get the prefix to use for all keys."""
         return 'ldap:'
diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py
index 5da7751a0..fcac55510 100644
--- a/nova/auth/ldapdriver.py
+++ b/nova/auth/ldapdriver.py
@@ -275,6 +275,8 @@ class LdapDriver(object):
             attr.append((self.ldap.MOD_REPLACE, 'description', description))
         dn = self.__project_to_dn(project_id)
         self.conn.modify_s(dn, attr)
+        if not self.is_in_project(manager_uid, project_id):
+            self.add_to_project(manager_uid, project_id)
 
     @sanitize
     def add_to_project(self, uid, project_id):
@@ -632,6 +634,6 @@ class LdapDriver(object):
 class FakeLdapDriver(LdapDriver):
     """Fake Ldap Auth driver"""
 
-    def __init__(self):  # pylint: disable-msg=W0231
+    def __init__(self):  # pylint: disable=W0231
         __import__('nova.auth.fakeldap')
         self.ldap = sys.modules['nova.auth.fakeldap']
diff --git a/nova/auth/manager.py b/nova/auth/manager.py
index 84c8a6cb2..12ded1207 100644
--- a/nova/auth/manager.py
+++ b/nova/auth/manager.py
@@ -22,7 +22,7 @@ Nova authentication management
 
 import os
 import shutil
-import string  # pylint: disable-msg=W0402
+import string  # pylint: disable=W0402
 import tempfile
 import uuid
 import zipfile
@@ -96,10 +96,19 @@ class AuthBase(object):
 
 
 class User(AuthBase):
-    """Object representing a user"""
+    """Object representing a user
+
+    The following attributes are defined:
+    :id:       A system identifier for the user.  A string (for LDAP)
+    :name:     The user name, potentially in some more friendly format
+    :access:   The 'username' for EC2 authentication
+    :secret:   The 'password' for EC2 authenticatoin
+    :admin:    ???
+    """
 
     def __init__(self, id, name, access, secret, admin):
         AuthBase.__init__(self)
+        assert isinstance(id, basestring)
         self.id = id
         self.name = name
         self.access = access